Minuteman Library Network Privacy Policy

Introduction

 

Privacy is essential to the exercise of free speech, free thought, and free association, and confidentiality exists when a library is in possession of personally identifiable information about users and keeps that information private on their behalf. The Minuteman Library Network (MLN) and our member libraries recognize the importance of protecting the privacy and confidentiality of our users’ registration, circulation, and electronic access information. Our commitment to privacy and confidentiality has deep roots not only in law but also in the ethics and practices of librarianship.


User rights—as well as our institution's responsibilities—outlined here are based in part on what are known in the United States as the five "Fair Information Practice Principles." These five principles outline the rights of Notice, Choice, Access, Security, and Enforcement.

This policy may change from time to time and we encourage you to check it periodically.

Personal Information We May Possess

 

We must obtain certain personal information about you in order to provide a library account.  If you are affiliated with our college libraries, we may receive personally identifiable information to create and update your library account from your college.  This information about library users is found in the following contexts: 


User registration information:  This is the information, including names, home addresses, phone numbers, and email addresses, that is provided to the library when a library card is obtained by a user.  This information is retained for library business, and user accountability for checked out materials.  It is also retained to determine eligibility for resources limited to residents of a community.


Circulation information:  When library materials are borrowed through our system, the information collected by Minuteman is limited to what is believed necessary or useful to conduct library business. Personal information is gathered for the purpose of identification and accountability of library materials.


Electronic Access Information:  We may obtain data regarding users at the time they use a library card to gain access to electronic content (for which the State, the Minuteman Library Network or the individual library pays a subscription fee). MLN keeps no permanent record of sites visited by library users, the electronic databases accessed, or the searches performed by individual users.  While we may disclose information about use of our website in aggregate (such as server use statistics), we will not disclose to third parties any information that could be used to identify individuals or their use of MLN resources, except as required by law or appropriate law enforcement procedures.

Access to Information We Have About You

 

Any person is entitled to view his or her own library account information in person with positive identification in our libraries.  Only users with proper identification may correct their library account information through the library.  The records of minors with their own cards are also considered to be private to those persons.

Minuteman Library Network General Policy of Nondisclosure

 

MLN will not publicly disclose personal information about library users or their borrowing history.  MLN will not sell, lease, or give users’ personal information or borrowing information to companies, governmental agencies, or individuals except as needed by the participating libraries or as required by federal and state law. We provide essential information to trusted partners who work on behalf of or with Minuteman; however, these companies do not have any independent right to share this information. These companies must demonstrate that they agree that end user data will not be retained or sold or otherwise distributed or disclosed.

Personal information of library users may be accessed by and used by a staff member of MLN or of a member library when the staff member is acting within the scope of his or her duties in the administration of the library.  While all member libraries are encouraged to develop and implement their own privacy policy, MLN assumes no liability for disclosure of library user personal information by any library staff acting within or outside the scope of his or her duties.

MLN or a member library may be required to provide a user’s personal information to a local, state or federal governmental entity pursuant to compulsory legal process.  While we will make every effort to respect the privacy of our users, if under a legal requirement to turn over data, such as a court order, subpoena or search warrant, we will comply with the law.

Data Integrity and Security

 

Minuteman Library Network makes every reasonable effort to maintain the accuracy of all information we collect and retain. We are also committed to maintaining the security of all personal information.  Appropriate physical, electronic, and managerial procedures are in place to safeguard and secure the information we collect to prevent unauthorized access, alteration or disclosure of data. 

Despite the precautions we take to prevent unauthorized access to personal information, we recognize that no system is immune from unlawful intrusion through hacking, which violates both federal and state laws; therefore, the Minuteman Library Network cannot guarantee that information we collect can never be accessed by unauthorized users.

Categories of Data

 

User data

Data about library users is stored in our library automation software, which is not accessible from outside of the library.  Library staff must use a username and password for access to the system. Data is removed from the system if a user account is inactive for 4 or more years.

Transaction Data

Borrowing

Information on a user’s borrowing activity is retained to provide identification and accountability for library materials.

Holds

User requests are kept by the system until they are filled and for an additional 30 days if the item is not picked up or the request is cancelled.
Backup tapes for system restoration in case of catastrophic data loss are recycled on a regular basis.

Searching and User Account Inquiries

 

No personally identifiable data is kept about user searches in the catalog.

If a user chooses to record “Preferred Searches”, the information is only accessible by the user, using the user’s library barcode and PIN.

If a user chooses to keep a “Reading History”, the data is only accessible by using the user’s barcode and PIN.

If a user chooses to keep reading lists, the data is only accessible by the user using his barcode and PIN.

The Minuteman site provides secure SSL transmission of any dialogs conducted once a user has logged in with barcode and PIN.

Credit Card Transactions

 

MLN accepts credit card payments for fines and fees levied by member libraries. Payments may be made either online or at a self-checkout station at a member library.  Minuteman uses a secure, reliable payment connection through a third party vendor. Our systems are PCI compliant (Payment Card Industry Data Security Standard).


No credit card information is stored by MLN. The credit card statement will list "Minuteman" as the vendor.


Minuteman is not able to provide refunds on your credit card. All Minuteman libraries have their own policies regarding refunds for lost items. Some libraries do not provide refunds for lost and paid material. Contact your local library for more information.

Electronic Content Access

 

Access to electronic content (for which the State, the Minuteman Library Network or the individual library pays a subscription fee) from outside of a library often requires authentication to determine that the user is eligible for access. The user is asked to enter the library card number. The Minuteman Library Network only provides the outside database provider with an indication of whether or not the user is eligible for access to this database.


Minuteman Library Network works with a variety of partners to provide Electronic Content (eContent) to our users. Before checking out any of Minuteman’s eContent, users should read the privacy policy of the company that is providing the service in question. For example, users who check out eBooks from Minuteman’s website for use on their Kindle (or via a Kindle app) will receive those eBooks via Amazon. Amazon’s privacy policy describes the kind of information that is collected and stored in connection with such transactions, and we encourage our users to familiarize themselves with that policy as well as the Kindle's Terms of Use before engaging in such transactions. In reading Amazon’s privacy policy, users will learn, for example, that Amazon retains (on a long term basis) information about the eBook a user borrows as well as any notes or highlights added to the text by the user.

Website Access

 

No personally identifiable information is tracked for visitors to the Minuteman Library Network websites: http://www.mln.lib.ma.us/http://library.minlib.net/  , http://find.minlib.net/ and the mobile versions of these.


Email

 

Libraries collect email addresses for purposes directly related to library services. Electronic mail is sent to notify users when requested material is ready for pickup at the library, or when material has become overdue or billed. These email addresses are kept confidential and never shared outside of the library network.

There is no guaranty of privacy for email that travels over the Internet between a user and the Minuteman Library Network. Users can remove their email address online, https://library.minlib.net/patroninfo/ or request that it be removed from their record by a library staff member.

Internet Usage

 

Links to other sites

The Minuteman Library Network site contains links to many other sites.  Minuteman Library Network is not responsible for the confidentiality of any information patrons provide to outside sites.
When users connect to websites outside of the Minuteman servers, all communication is over the public Internet.  Users must understand that this is not protected communication when choosing to provide personal information to external websites.  Minuteman cannot and does not guarantee that every task completed on PCs connected to its network is private. 


Computer Use Records

Minuteman Library Network member libraries offer computers for public access.  Some MLN member libraries use software to manage the high demand for these computers.  Users enter their library card registration number (or barcode) to use a computer.  While statistics about overall usage patterns are maintained in order to improve services offered, the activities of specific users are not retained.  User login information is removed from the computer in accordance with the policy of the individual member library.
Library users must keep in mind that public workstations are neither private nor secure and must use judgment and discretion when using a library computer.  The Minuteman Library Network assumes no liability for any violation of privacy of individual or any commercial or financial loss to users who use library computers.

Forms

 

The Minuteman Library Network website provides forms for contacting the Network. Data so provided is kept confidential and is used only to respond in cases where the user has asked for a response. We reserve the right to keep suggestions for future improvement to our system or our web site, so long as we strip the suggestion of any personally identifiable data.


References

 

Massachusetts General Laws Chapter 78: Section 7
     http://www.mass.gov/legis/laws/mgl/78-7.htm

ALA Code of Ethics
     http://www.ala.org/ala/issuesadvocacy/proethics/codeofethics/codeethics.cfm

ALA Privacy and Confidentiality
     http://www.ala.org/Template.cfm?Section=ifissues&Template=/ContentManagement/ContentDisplay.cfm&ContentID=25304

MLIN Massachusetts Library and Information Network
     http://mblc.state.ma.us/utilities/privacy.php

Fair Information Practice principles
     http://www.ftc.gov/reports/privacy3/fairinfo.htm



Contact:
If you have questions about this policy or feel that we have acted in violation of this policy, please contact Minuteman's management team.


Approved: October 18, 2006
Amended: September 19, 2007
Amended: June 16, 2010
Amended: January 18, 2012